Merge pull request #152 from aubelsb2/rfc6749-4-1-3-2

LyricTian · web-flow · commit 201391a41886 · 2020-07-07T09:18:52.000+08:00
Rfc6749 4.1.3 - client_secret isn't required
diff --git a/manage/manager.go b/manage/manager.go
@@ -261,7 +261,7 @@ func (m *Manager) GenerateAccessToken(ctx context.Context, gt oauth2.GrantType,
 		if !cliPass.VerifyPassword(tgr.ClientSecret) {
 			return nil, errors.ErrInvalidClient
 		}
-	} else if tgr.ClientSecret != cli.GetSecret() {
+	} else if len(tgr.ClientSecret) > 0 && tgr.ClientSecret != cli.GetSecret() {
 		return nil, errors.ErrInvalidClient
 	}
 	if tgr.RedirectURI != "" {
diff --git a/server/handler.go b/server/handler.go
@@ -46,10 +46,10 @@ type (
 // ClientFormHandler get client data from form
 func ClientFormHandler(r *http.Request) (string, string, error) {
 	clientID := r.Form.Get("client_id")
-	clientSecret := r.Form.Get("client_secret")
-	if clientID == "" || clientSecret == "" {
+	if clientID == "" {
 		return "", "", errors.ErrInvalidClient
 	}
+	clientSecret := r.Form.Get("client_secret")
 	return clientID, clientSecret, nil
 }
 

Original file line number	Diff line number	Diff line change
`@@ -261,7 +261,7 @@ func (m *Manager) GenerateAccessToken(ctx context.Context, gt oauth2.GrantType,`
`261`	`261`	`if !cliPass.VerifyPassword(tgr.ClientSecret) {`
`262`	`262`	`return nil, errors.ErrInvalidClient`
`263`	`263`	`}`
`264`		`- } else if tgr.ClientSecret != cli.GetSecret() {`
	`264`	`+ } else if len(tgr.ClientSecret) > 0 && tgr.ClientSecret != cli.GetSecret() {`
`265`	`265`	`return nil, errors.ErrInvalidClient`
`266`	`266`	`}`
`267`	`267`	`if tgr.RedirectURI != "" {`
Original file line number	Diff line number	Diff line change
`@@ -46,10 +46,10 @@ type (`
`46`	`46`	`// ClientFormHandler get client data from form`
`47`	`47`	`func ClientFormHandler(r *http.Request) (string, string, error) {`
`48`	`48`	`clientID := r.Form.Get("client_id")`
`49`		`- clientSecret := r.Form.Get("client_secret")`
`50`		`- if clientID == "" \|\| clientSecret == "" {`
	`49`	`+ if clientID == "" {`
`51`	`50`	`return "", "", errors.ErrInvalidClient`
`52`	`51`	`}`
	`52`	`+ clientSecret := r.Form.Get("client_secret")`
`53`	`53`	`return clientID, clientSecret, nil`
`54`	`54`	`}`
`55`	`55`